Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] http-slowloris, check if a webserver is prone to the Slowloris DoS attack
From: Patrick Donnelly <batrick () batbytes com>
Date: Sat, 11 Jun 2011 21:28:32 -0400

On Fri, Jun 10, 2011 at 6:12 AM, Henri Doreau
<henri.doreau () greenbone net> wrote:
 - removed variable "count" in doHalfHTTP. Maybe I'm just missing
something but I can't see why not simply operating on the "Threads"
variable. And don't we have a race condition here?
local count = Threads -- Threads is shared between all threads
count = count + 1
Threads = count -- Threads might have changed and its value would then
be overwritten there?
I am not entirely sure as NSE threads aren't real native threads.
Could someone review the accesses to shared variables?

Currently, the only time there is a "context switch" between script
threads is when call one of these functions:

(a) stdnse.sleep
(b) function returned by nmap.mutex(...)
(c) function returned by nmap.condvar(...)
(d) any socket function

As said in the documentation, script threads are not operating system
threads. They are coroutines. There is no memory synchronization
concerns ever. The reason the mutex/condition variable mechanisms
exist is to allow you to control and manage script threads. For
example, the first usage of the mutexes were to serialize access to a
remote whois service to prevent overloading the service.

- Patrick Donnelly
Sent through the nmap-dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]